Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:13 a.m.6 views

CVE-2022-31022

Bleve is a text indexing library for go. Bleve includes HTTP utilities under bleve/http package, that are used by its sample application. These HTTP methods pave way for exploitation of a node’s filesystem where the bleve index resides, if the user has used bleve’s own HTTP bleve/http handlers fo...

6.2CVSS6.8AI score0.00332EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-31022

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bleve is a text indexing library for go. Bleve includes HTTP utilities under bleve/http package, that are used by its sample application. These HTTP methods pav...

6.2CVSS5.7AI score0.00332EPSS
Exploits0References3
Chainguard
Chainguard
added 2022/06/01 8:15 p.m.24 views

CVE-2022-31022 vulnerabilities

Vulnerabilities for packages: grafana, mattermost-fips, gitea, mattermost, gitea-fips, gitness...

6.2CVSS6.4AI score0.00332EPSS
Exploits0
Wolfi
Wolfi
added 2022/06/01 8:15 p.m.12 views

CVE-2022-31022 vulnerabilities

Vulnerabilities for packages: gitness, gitea...

6.2CVSS6.4AI score0.00332EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2022/06/01 7:45 p.m.3 views

CVE-2022-31022 Missing Role Based Access Control for the REST handlers in bleve/http package

Bleve is a text indexing library for go. Bleve includes HTTP utilities under bleve/http package, that are used by its sample application. These HTTP methods pave way for exploitation of a node’s filesystem where the bleve index resides, if the user has used bleve’s own HTTP bleve/http handlers fo...

6.2CVSS5.9AI score0.00332EPSS
Exploits0References3
CVE
CVE
added 2022/06/01 7:45 p.m.330 views

CVE-2022-31022

This CVE affects Bleve’s http package (bleve/http) used by its sample app. The CreateIndexHandler and DeleteIndexHandler allowed a user with server write access to create a new index directory and recursively delete directories owned by the same user, potentially exposing local filesystem risk. V...

6.2CVSS5.9AI score0.00332EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/06/01 7:45 p.m.38 views

CVE-2022-31022 Missing Role Based Access Control for the REST handlers in bleve/http package

Bleve is a text indexing library for go. Bleve includes HTTP utilities under bleve/http package, that are used by its sample application. These HTTP methods pave way for exploitation of a node’s filesystem where the bleve index resides, if the user has used bleve’s own HTTP bleve/http handlers fo...

6.2CVSS6.6AI score0.00332EPSS
Exploits0References3
Rows per page
Query Builder